package com.zhuang.work0430.controller;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.zhuang.work0430.entity.User;
import com.zhuang.work0430.service.UserService;
import com.zhuang.work0430.util.ResponseJSON;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @className: BaseController
 * @description: 类描述：
 * @author: LiZhuang
 * @date: 2021/4/30 12:10
 */
@RestController
@RequestMapping("base")
public class BaseController {
    @Autowired
    private UserService userService;
    @RequestMapping("login.json")
    public ResponseJSON login(@RequestBody User user){
        System.out.println("登录方法");
        //原来我们是通过用户名密码登录
        //现在我们使用了Shiro安全框架
        //需要通过主体进行认证操作
        //获取主体对象
        Subject subject = SecurityUtils.getSubject();
        //将登录的用户名密码组成一个认证令牌
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(user.getName(), user.getPassword());
        //根据令牌 使用主体进行认证操作
        Session session = subject.getSession();
        System.out.println("用户登录方法中的：sessionId：" + session.getId());
        ResponseJSON json=null;
        try {
             subject.login(usernamePasswordToken);// 执行该方法 会进行认证操作，也就是会走到自定义的realm之中
            return  json=new ResponseJSON("200","success",user);
         }catch (Exception e){
             e.printStackTrace();
             return json=new ResponseJSON("500","error",null);
         }



    }
}
